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Abstract —In the existing cloud brokerage system, the 
client does not have the ability to verify the result of the 
cloud sendee selection. There are possibilities that the 
cloud broker can be biased in selecting the best Cloud 
Service Provider (CSP) for a client. A compromised or 
dishonest cloud broker can unfairly select a CSP for its 
own advantage by cooperating with the selected CSP. To 
address this problem, we propose a mechanism to verify 
the CSP selection result of the cloud broker. In this 
verification mechanism, properties of every CSP will also 
be verified. It uses a trusted third party to gather 
clustering result from the cloud broker. This trusted third 
party is also used as a base station to collect CSP 
properties in a multi-agent’s system. Software Agents are 
installed and running on every CSP. The CSP is 
monitored by agents as the representative of the customer 
inside the cloud. These multi-agents give reports to a 
third party that must be trusted by CSPs, customers and 
the Cloud Broker. The third party provides transparency 
by publishing reports to the authorized parties (CSPs and 
Customers). 

Keywords — Cloud Service Selection, Brokerage System, 
Merkel Hash Tree, Verification. 

I. INTRODUCTION 

Cloud services offer a scalable variety of storage space 
and computing capabilities, which are widely employed 
by an increasing number of business owners. This has 
resulted in a large number of cloud service providers 
(CSPs), offering a wide range of resources. The 
availability of various, possibly complex options, 
however, makes it difficult for potential cloud clients to 
weigh and decide which options suit their requirements 
the best. 

The Challenges are: 

• It is hard for cloud clients to gather information 
about all the CSPs available for their selections; 

• It is also computationally expensive to choose a 
suitable CSP from a potentially large CSP pool. 
In light of these difficulties, both industry and 


academia suggested introducing an additional 
computing layer on top of the base service 
provisioning to enable tasks such as discovery, 
mediation and monitoring. 

In a cloud brokerage system, one of the most fundamental 
tasks is to provide high-quality selection services for 
clients. That is, a broker provides clients with a list of 
recommended CSPs that meet the clients’ needs. With the 
aid of cloud brokers, clients no longer need to collect, 
search or compare CSPs’ services and capabilities. 
Without the ability to verify the correctness of the service 
recommendation, cloud clients could be easily cheated by 
malicious brokers. For instance, malicious brokers could 
recommend their favourable CSPs as much as possible 
and ignore other suitable CSPs, without being caught by 
the clients. More seriously, due to the lack of supervision 
and verification of brokers’ actions, malicious brokers 
could even recommend malicious CSPs which collect and 
sell clients’ private resources, monitor clients’ hosts 
during cloud service provisioning, causing major financial 
and confidentiality losses to the clients. Therefore, it is 
important to equip the clients with verification 
capabilities of the obtained recommendations. The clients 
may not need to verify each recommendation result, but 
they certainly need to have the ability to do so when they 
feel necessary. 

Our novel index structure is the core component of our 
Cloud Service Selection Verification (CSSV) scheme, 
which employs the idea of “separation of duties” to 
ensure strong security guarantees. Precisely, we introduce 
a trusted collector in the cloud brokerage system that 
separates the task of CSP information collection from the 
service selection. The collector does not directly interact 
with the cloud clients and is only in charge of gathering 
information from the CSPs, and hence it can be more 
devoted into adopting sophisticated defences to filter out 
problematic data and building an authenticated database 
of CSPs’ profiles. The collector is allowed to make profit 
by selling the authenticated database to one or more cloud 
brokers. With the available authenticated databases, the 
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cloud brokers focus on handling probably a large number 
of real-time service requests from clients. Since there are 
related works in an MMB Cloud tree. 

They are: 

• Cloud Service Selection 

• DB Query Authentication 

The Cloud Service Selection describes the 
recommendation system in cloud computing suitable for 
design-time decisions as it statically provided a ranking of 
available cloud providers. Aiming at evaluating the 
performance and capabilities of services offered by CSPs 
for facilitating customers’ selections, cloud service 
selection is focused only on how to select the services that 
satisfy customers’ requirements. None of them considers 
security issues involved in the service selection, and none 
of them provides verifiable schemes to prove the 
correctness and completeness of their service selection 
results as addressed in our work and to trusted collector 
sharing location-based information, whereas we use the 
collector to achieve service verification in the cloud. 

Our proposed authenticated index structures are related to 
those developed for query authentication in outsourced 
databases. At query execution, the service provider picks 
the signatures of the data objects falling in the query 
range to form the proof messages. Since each data object 
is linked with its predecessor and successor in an 
unforgeable way, the client is able to verify the 
completeness and correctness of query results by 
verifying the validity of signatures. 

A. Existing System 

In an existing cloud brokerage schemes is that brokers are 
completely trusted and thus will always provide unbiased 
best available options to clients. Under this assumption, 
none of the existing works provides guarantees over the 
correctness or completeness of the service selection 
recommendations to the cloud clients. Without the ability 
to verify the correctness of the service recommendation, 
cloud clients could be easily cheated by malicious 
brokers. For instance, malicious brokers could 
recommend their favourable CSPs as much as possible 
and ignore other suitable CSPs, without being caught by 
the clients. More seriously, due to the lack of supervision 
and verification of brokers’ actions, malicious brokers 
could even recommend malicious CSPs which collect and 
sell clients’ private resources, monitor clients’ hosts 
during cloud service provisioning, causing major 
financial and confidentiality losses to the clients. 

B. Proposed System 

In our proposed system a novel index structure is the core 
component of our Cloud Service Selection Verification 
(CSSV) scheme, which employs the idea of separation of 
duties to ensure strong security guarantees. Precisely, we 


introduce a trusted collector in the cloud brokerage 
system that separates the task of CSP information 
collection from the service selection. The collector does 
not directly interact with the cloud clients and is only in 
charge of gathering information from the CSPs, and hence 
it can be more devoted into adopting sophisticated 
defences to filter out problematic data and building an 
authenticated database of CSPs’ profiles. The collector is 
allowed to make profit by selling the authenticated 
database to one or more cloud brokers. With the available 
authenticated databases, the cloud brokers focus on 
handling probably a large number of real-time service 
requests from clients. 

C. Advanced Scheme using MMB Cloud-Tree: 

The basic approach using MMB cloud-tree indexes only 
the Price property, and therefore has limited ability to 
deal with queries that do not include Price as one of the 
selection criteria, or with queries that have many other 
selection criteria besides Price. In either case, the basic 
approach may return many CSPs which satisfy only the 
Price criterion but not the whole query in the proof 
message for verification. 

II. MODULES 

A. CSP Profile Creation 

The service provider is in need to expose the service that 
provided by them, in terms of the whole package of the 
service. The package that consist of the details such as a 
product that provide by the service provider and the 
respective cost for each product in service. And a total 
cost of the service. The service provider can be able to 
produce any number (N numbers) of service and each are 
declared as separate package. 

B. Database Construction 

The collector surf with the cloud service provider services 
and select the needed package of services. And the 
collector submits the resource request to the respective 
CSP of service. 

P, 


□ • 

Fig.l: The collection of services from different CSP and 
storing it in the collector DB 
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If the CSP acknowledge the collector request of resource, 
now the collector is ready to access the resource details 
and to provide the respective resource to requesting 
broker. Collector serves as an intermediate between the 
broker and the CSP. 

The Cloud Service Provider provides the service to the 
broker. They collecting the service and given to the 
broker whoever requesting the trusted collector. 

C. Service Selection by the broker 

It is worth noting that, the novelty of our approaches not 
only lies in a new set of verification algorithms specific to 
the cloud service selection, but also gives efficient 
solutions (compared with the state-of-the-art) to the 
problem of authenticating multidimensional queries. The 
reason to choose Price as the indexing field is two-fold. 
First, given that most cloud providers employ a pay-per- 
use business model. Price is one of the most commonly 
occurred criteria in cloud service selection queries. First, 
cloud service selection typically allows cloud users to 
specify multiple service requirement is always desirable 
to have efficient cloud service selection and verification 
so that the cloud end users would not feel delay of 
services. Our novel index structure is the core component 
of our Cloud Service Selection Verification (CSSV) 
scheme, which employs the idea of “separation of duties” 
to ensure strong security guarantees, we propose the 
Cloud Service Selection Verification (CSSV) scheme 
which is a comprehensive solution that is capable of 
guaranteeing all the three security requirements (i.e., 
authenticity, satisfiability and completeness). 

D. Results Verification 

More seriously, due to the lack of supervision and 
verification of brokers’ actions, malicious brokers could 
even recommend malicious CSPs which collect and sell 
clients’ private resources, monitor clients’ hosts during 
cloud service provisioning, causing major financial and 
confidentiality losses to the clients, we propose 
innovative authenticated index structures and verification 
protocols to allow clients to verify the completeness and 
authenticity of brokers’ answers. This problem is related 
to that of authentication of query results for outsourced 
databases, selection and verification so that the cloud end 
users would not feel delay of services, but existing few 


works, although support authentication of multi¬ 
dimensional query results, are time consuming, resulting 
that they could not meet the demands of today’s real-time 
cloud service recommendations. 

III. SYSTEM ARCHITECTURE DIAGRAM 
FOR MMB CLOUD 

A. System Architecture 

The cloud service providers providing the services to the 
brokers stored in the cloud. The collector logs onto the 
system are stored in the database and purchase 
authenticated database. The collector providing services 
to the cloud brokers. The user searching for the brokers 
for the needed service. Finally, The results verification by 
the clients. The System architecture are mainly occurs 
Cloud service providers, collectors, cloud brokers and 
users. This diagram shows the system architecture of 
mmb- cloud as shown below. 


Cloud Broker 



Fig.2: System Architecture Diagram for MMB-Cloud 

B. Work Flow Diagram 

The first step is to create a profile for Cloud Service 
Providers(CSP’s) and services are stored in the cloud. 
The second step is the collector build authenticated 
database and after collecting services from the CSP data 
stored in the database. The third step is service selected 
by the brokers. And finally, the clients searching for the 
service that they need for the various brokers. And if the 
user finds the needed service they request the service to 
the broker and get use with the resource. And verify or 
cross check the resource that bought from the broker that 
whether the broker serves the correct resource in 
affordable cost. 
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Fig.3: Work Flow Diagram for MMB-Cloud 


IV. REQUIREMENTS 

A. Hardware Requirments 

• The hardware required are laptop which 
hard disk consists of 200GB and above, and 
an RAM consists of 2GB and above and a 
processor. 

• These are the hardware requirements in 
mmb- cloud. 

B. Software Requirments 

• The software required are windows XP and 
Java development kit for the latest version 
of 1.7. 

• Tomcat 6.0 (Apache Tomcat Server) is a 
web container developed at the apache 
software foundation. It implements the 
servlets and java server pages. 

• My SQL 5.0(Structured Query Language) 
is used to storing all the information in the 
database. 

V. MERKLE HASH TREE ALGORITHM 

As our proposed data structure is developed based on the 
Merkle hash tree, we provide more details of this 
structure as follows. The Merkle hash tree has a binary 
tree as the base structure. The leaf nodes in the Merkle 
hash tree contain the hash values of the original data 
items. Each internal node contains the hash value of the 
concatenation of the hash values of its two children 
nodes. 

A. Why Merkle trees? 

• Consistency Verification 

• Data Verification 

• Data Synchronization 


Merkle trees are used in distributed systems for efficient 
data verification. A Merkle tree is a hash-based 
structure that is a generalization of the hash list.It is a tree 
structure in which each leaf node is a hash of a block of 
data, and each non-leaf node is a hash of its children. 

B. Algorithm Steps 

• Merkle hash tree was typically implemented as 

binary trees. 

• Binary Tree is a node-based binary tree data 
structure. 

• The left sub tree of a node contains only nodes 
with keys lesser than the node’s key. 

• The right sub tree of a node contains only nodes 
with keys greater than the node’s key. 

• The left and right sub tree each must also be a 
binary search tree. There must be no duplicate 
nodes. 

VI. CONCLUSION 

In this paper, we presented an innovative Cloud Service 
Selection Verification (CSSV) system to achieve 
cheating-free cloud service selection under a cloud 
brokerage architecture. The core of our system is an 
efficient authenticated index structure to ensure the 
authenticity, the satisfiability and the completeness of the 
service selection results. Our theoretical and experimental 
results demonstrate the effectiveness and efficiency of our 
schemes compared with the state-of-the-art. As part of our 
future work, we plan to consider a verifiable scheme for 
best service selection query whereby the broker returns 
only the best CSP instead of all candidate CSPs with 
respect to a client’s request. 
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